X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Companies and individuals are worried — and rightfully so — about their potential Internet-related liabilities. As information technology advances at warp speed, and as the law struggles to keep up with such advances, it is hard to know for sure when and how liability can be triggered. One type of potential liability — for intercepting electronic communications of others — now may be deemed more remote, given a recent court decision. In that case, In re Pharmatrak, Inc., a federal trial judge in Massachusetts ruled that to be liable for interceptions of electronic communications under the Electronic Communications Privacy Act, the interceptions must have been a “conscious objective” of the intercepting party. CASE BACKGROUND Pharmatrak and numerous other pharmaceutical companies were sued in a consolidated class action, with the core allegation being that they had secretly intercepted and accessed personal information of the plaintiffs by using computer cookies and other devices. A federal trial judge in Massachusetts granted summary judgment before trial in favor of the defendants on all counts. The plaintiffs then appealed, arguing solely that Pharmatrak had violated ECPA. The appellate court found that Phamatrak had indeed intercepted personal information within the meaning of ECPA. Nevertheless, the appellate court remanded the case back to the trial judge so he could determine whether Pharmatrak had possessed the requisite intent under ECPA to create statutory liability. Once the case was back in the hands of the trial judge, Pharmatrak moved for summary judgment, arguing that it did not have the type of intent required by ECPA, and requesting that judgment be entered in its favor. With respect to the interception of electronic communications, ECPA provides: “Except as otherwise specifically provided in this chapter[,] any person who (a) intentionally intercepts, endeavors to intercept, or procures any other person to intercept, any wire, oral or electronic communication … shall be punished … or shall be subject to suit … .” Liability under ECPA for unlawful interceptions can be civil or criminal. In grappling with Pharmatrak’s summary judgment motion, the trial judge reviewed the legislative history underpinning ECPA to find the true nature of what is deemed “intentional” in the statute. As noted by the judge, the legislative history states that “intentional” translates to “more than that one voluntarily engaged in or caused the result.” So, according to the legislative history, “such conduct or the causing of the result must have been the person’s conscious objective” — which represents a fairly high standard to be satisfied. Indeed, the judge explained that “Congress made clear that the purpose [of the statutory language] was to underscore that inadvertent interceptions are not a basis for criminal or civil liability under ECPA.” WIN BASED ON LACK OF INTENT Having set forth the standard to be used for determining whether interceptions of electronic communications are intentional, the trial judge next considered Pharmatrak’s three principal arguments as to why it had not acted with the intent prohibited by ECPA. Pharmatrak first argued that its lack of intent was demonstrated by the relatively small amount of personal data actually found on Pharmatrak’s computer servers. To support this argument, Pharmatrak pointed out that the plaintiffs’ computer expert, after conducting a thorough search of Pharmatrak’s computers, could only assemble personal profiles on approximately 232 people. It was argued that this represents a drop in the ocean when compared to roughly 18.7 million unique Web users who visited the tracked pharmaceutical pages during the relevant time period. Pharmatrak asserted that 232 personal profiles out of a list of 18.7 million comes to 0.0012 percent, meaning that any transfer of personal information was inadvertent. The trial judge found this argument to be persuasive. Next, Pharmatrak contended that programming errors from three different third parties caused the collection of personal data. Pharmatrak argued that this was a circumstance beyond its control, and not the result of an intent to collect personal information. The plaintiffs countered by asserting that Pharmatrak should have employed certain safeguards to have prevented these transmissions. However, the trial judge found that that at most would establish negligence or gross negligence, but not enough to satisfy the specific intent requirement of ECPA. Finally, Pharmatrak asserted that it could not have had the specific intent contemplated by ECPA, as it did not even know about the existence of the personal data until after the plaintiffs had filed their lawsuit. Pharmatrak’s chief technology officer testified that he did not learn about the collection of personal information until April, 2002 — more than a year and a half after the plaintiffs had filed their lawsuit. The trial judge noted that the plaintiffs did not offer any evidenced to the contrary. Based on those things, the trial judge granted summary judgment in favor of Pharmatrak. UPSHOT Take a deep breath. You likely will not be liable under ECPA for unintended or inadvertent interceptions of electronic communications. However, if you have the conscious objective of intercepting electronic communications, watch out, as you could face civil and criminal liability under the statute. Moreover, even if you do not have the intent required for liability under ECPA, you might stilll be liable under common law theories of negligence, or based on another law. Bottom line: you should consult with a knowledgeable attorney before even thinking about intercepting electronic communications. Eric Sinrod is a partner in the San Francisco office of Duane Morris ( www.duanemorris.com), where he focuses on litigation matters of various types, including information technology disputes. Mr. Sinrod’s Web site is www.sinrodlaw.com, and he can be reached at [email protected] . To receive a weekly e-mail link to Mr. Sinrod’s columns, please type Subscribe in the subject line of an e-mail to be sent to [email protected] .

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.